20120502

This week the House of Representatives is debating CISPA, the dangerous ‘cybersecurity’ bill that threatens to decimate Internet users’ privacy in the name of security. EFF and a wide variety of other groups have been protesting the law’s provisions giving companies the power to read users’ emails and other communications and hand them to the government without any judicial oversight whatsoever—essentially a giant ‘cybersecurity’ exception to all existing privacy laws.

We’ve already shown how the bill’s definition of ‘cyber threat information’ can lead the companies and government to surveil citizens for a host of reasons beyond critical cybersecurity threats. But we want to focus on one vital portion of the bill that is not getting enough attention: what the government can do with your private information once companies hand it over.

Even though CISPA is styled as a ‘cybersecurity’ bill, it explicitly allows the Department of Homeland Security and other government agencies like the National Security Agency (NSA) to use your information for ‘national security’ purposes—expanding the bill far beyond its purported goal. Bill sponser Mike Rogers introduced a package of amendments yesterday, but did not remove “national security” as one of the purposes for which information can be used...